Original Post 2/16/06: Citing the danger of voter fraud and disenfranchisement from poorly implemented databases, a committee of experts commissioned by USACM released a report today making almost 100 recommendations to state and local officials charged with creating and managing statewide voter registration databases (VRDs). The report is a comprehensive “soup-to-nuts” look at challenges elections officials face in making sure databases are accurate, private, usable, secure, and reliable.
The report responds to the mandate passed by Congress in the Help America Vote Act that all states create and manage statewide VRDs. The committee wanted to give objective technical advice to elections officials on the many challenges they will face in meeting this mandate. The report has been about a year in the making, and we’ve covered some of the work of this group on the weblog (1, 2) including comments they filed with the Election Assistance Commission about this issue.
The policy office personally wants to thank the study committee members for their hard work on this report. Each took time from his or her regular life to scope out the issues and then write a very detailed and comprehensive report.
|Contact: Virginia Gold
WASHINGTON, DC, February 16, 2006 — A team of computer security and voting experts has issued recommendations to ensure that electronic records of information submitted by citizens registering to vote are accurate, private, and secure. In a report commissioned by the Association for Computing Machinery’s (ACM) U.S. Public Policy Committee (USACM), state and local election officials now have nearly 100 high-level guidelines designed to help states comply with Federal laws that require computerized statewide electronic databases to be operational by January 1, 2006.
“These guidelines will enable the more than 20 states that have not yet met these federal deadlines to avoid Election Day problems,” said Study Committee co-chair Barbara Simons, a past president of ACM, who is retired from IBM Research. “They also provide a useful template for those states that have complied with federal deadlines, but may need to revamp their processes and procedures in light of the report’s recommendations,” she said.
“If these guidelines are not implemented, at a minimum there could be widespread confusion and Election Day disruptions. And in the worst case, voters across the nation could be disenfranchised and election fraud could result,” said Paula Hawthorn, co-chair of the Voter Registration Database Study Committee. Hawthorn, a former database expert at Hewlett-Packard, and vice president of software development for several start-up companies, identified a series of risks, including hacker attacks, massive Election Day failures, severe privacy violations, and further erosion of confidence in the election process.
The report outlines “best practices” from technology and policy experts recruited for their special knowledge and understanding of the relevant areas. It presents guidelines to make certain that voter databases are consistently reliable and usable by people with diverse backgrounds, purposes, and knowledge.
The study was commissioned by USACM to develop objective technical information and expert recommendations to help states and localities comply with provisions of the Help America Vote Act (HAVA), which was passed in the wake of voting problems in the 2000 Presidential Election.
The guidelines will enable state and local officials to address potential risks by:
- adopting transparent policies and open practices for managing technical and logistical aspects of voter registration databases.
- setting clear accountabilities for those responsible for proposing, making, or approving changes to the data, the system, or its policies.
- establishing audit trails to track changes made to data, security policy, and database design.
- designing privacy policies that are fundamental to the system, and based on long-established and widely-accepted Fair Information Practices principles.
The complete Electronic Voter Registration Database Study and a list of report’s authors are available online at http://www.acm.org/usacm/VRD/
ACM, the Association for Computing Machinery http://www.acm.org, is an educational and scientific society uniting the world’s computing educators, researchers and professionals to inspire dialogue, share resources and address the field’s challenges. ACM strengthens the profession’s collective voice through strong leadership, promotion of the highest standards, and recognition of technical excellence. ACM supports the professional growth of its members by providing opportunities for life-long learning, career development, and professional networking.
The ACM U.S. Public Policy Committee (USACM) http://www.acm.org/usacm serves as the focal point for ACM’s interaction with U.S. government organizations, the computing community, and the U.S. public in all matters of U.S. public policy related to information technology. Supported by ACM’s Washington, D.C., Office of Public Policy, USACM responds to requests for information and technical expertise from U.S. government agencies and departments, seeks to influence relevant U.S. government policies on behalf of the computing community and the public, and provides information to ACM on relevant U.S. government activities.